October 4, 2023

WG9.6/11.7 – Information Technology Mis-Use and the Law

est. 1990, revised 1992, 2001


This WG also runs an annual summer school http://www.ifip-summerschool.org


  • To foster co-operation between the “Computers and Society” and “Information Security” communities on issues of “IT misuse and the law”.
  • To develop an understanding in IFIP committees and national bodies of:
    • threats associated with IT systems and the related legal concerns.
    • risks to people and organisations arising from these threats.
    • responsibilities of people and organisations arising from legal and other provisions for information security.
    • risks arising from incoherency between legal, technical and managerial provisions.
    • the impact of IT systems on the current law, e.g. (criminal and civil law) and potential problems.
  • To propose and/or evaluate legal and other prescriptions to combat these threats and their associated risks.
  • To engender information exchange on threats, their origins, and possible consequences.
  • To propose and/or evaluate legal and other appropriate courses of action.


  • Analysis of existing and emerging threats to IT systems security, and the associated risks to people, organisations and society.
  • Analysis of security principles.
  • Aspects of the law where the use or introduction of IT on a global scale has rendered the current law (and/or its interpretations) obsolete or obsolescent or made it unenforcable.
  • Analysis of potential means of countering and mitigating threats, e.g. legal frameworks, ethical standards, managerial procedures, and other social factors applicable to behaviour and responsibilities in the context of IT systems.
  • Possible solutions.
  • New legal, social and organisational consequences of the development and use of IT systems.